Linux Kernel Flaw Reaches Into Internet of Things

In-brief: Software updates were released to address a serious and exploitable security flaw in the Linux kernel on Tuesday. The issue, in a feature called keyring, could impact embedded systems as well as mobile devices.

Software updates were released to address a serious and exploitable security flaw in the Linux kernel on Tuesday.

The bug, in a common Linux component called “keyring” has broad reach, affecting many versions of the Android mobile operating system, as well as embedded devices on the Internet of Things that run versions of the Linux, according to researchers at the security firm Perception Point, which discovered the hole. The vulnerability has been assigned the identifier CVE-2016-0728.

In a blog post, Perception Point described the vulnerability as a zero-day local privilege escalation vulnerability in the Linux kernel that has existed since 2012. “This vulnerability has implications for approximately tens of millions of Linux PCs and servers, and 66 percent of all Android devices (phones/tablets),” the company said.

In an interview with The Security Ledger, Perception Point CEO Yevgeny Pats said that the vulnerability, CVE-2016-0728, is caused by a programming error in code that is part of the keyring facility, a feature of the Linux kernel that provides a way for drivers to retain or cache security data including authentication and encryption keys in the kernel.

The flaw was discovered by Perception Point researchers who were developing a Linux software client for the company’s software. “Our research team looked into (the bug) and saw that it can cause a privilege escalation on the device,” Pats said.

The keyring feature is a core component of the Linux kernel starting with the 3.8 release. As a result, the vulnerability is “platform agnostic,” Pats said. It affects both 32-bit and 64-bit systems that use that kernel. Any version of Android starting with the KitKat release contains the vulnerability as does any embedded real-time OS (RTOS) that relies on the 3.8 kernel – or later.

The flaw is a common one: a so-called “integer overflow” vulnerability in which a field used to store a reference count for a keyring object isn’t properly checked to prevent overflowing the ‘use count’ field, allowing it to wrap around to 0.

“If a process causes the kernel to leak 0x100000000 references to the same object, it can later cause the kernel to think the object is no longer referenced and consequently free the object,” perception point wrote. “If the same process holds another legitimate reference and uses it after the kernel freed the object, it will cause the kernel to reference a deallocated or reallocated piece of memory. Attackers could use that predictable “use after free” behavior to force the system to execute malicious code.

To exploit the hole, an attacker would simply need to establish low-privileged access to an affected system. On an Android phone, this could be by way of an Android mobile application. In a more traditional environment, it might require physical or logical access to the system. Once logged in with low privileges, the vulnerability could be used to escalate the user’s privileges, gaining administrator level access to the vulnerable system.

Security flaws in core components of the Linux operating system have the potential to affect a wide range of devices, as more companies turn to the open source operating system to power connected devices.

Author: PaulI'm an experienced writer, reporter and industry analyst with a decade of experience covering IT security, cyber security and hacking, and a fascination with the fast-emerging "Internet of Things."

You’re so awesome! I don’t believe I’ve read a single thing like this before. So nice to discover anotner person with genuine thoughts oon this topic. Really.. thank you for starting this up. This website is one thing that is equired on the internet, someone with a bit of originality!

Running sneakers seashore, New York SneakerCon2014 facility sports follow-up main case event SneakerCon this unique vacation just as before to BasketballCity – NY. The game location to Pier92/ninety-four pavilion, biggest storage space, and a lot exhibitors get numerous shoes, immerse per fink; the following, you can discover probably the most treasured and additionally rare heels, view the attention about the lense, dry Jordan remains the president; too, you can find famed places and then product event, these include JohnnyCupcakes, StapleDesign, JasonMarkk in addition to a Rastaclat and thus. Might take advantage of the after turned on-site web inspection.

you’re really a excellent webmaster. Thee web site loading speed is incredible. It sort of feels that you’re doing any distincive trick. Moreover, Thee contents are masterpiece. you ave performed a wonderful activity on this topic!

I believe everything wrote was very logical. But, consider this, what if you were to create a killer post title? I mean, I don’t want to tell you how to run your website, but what if you added something to maybe grab a person’s attention? I mean Linux Kernel Flaw Reaches Into Internet of Things | The Security Ledger is kinda vanilla. You should glance at Yahoo’s home page and see how they write news headlines to grab people interested. You might add a related video or a related pic or two to grab readers interested about what you’ve written. Just my opinion, it could make your website a little livelier.

Because of the large number of pay lines, this game is mostly found as a penny slot but caan be found in thee nickel denomination as well.

Surround sound in The Two Towers is particularly impressive. Each slot profile wiill include information about wher you can find it, what gimmicks and bonus rounds are on the slot and a video of the game in action.

Very good website you have here but I was curious if you knew of any community forums that cover the same topics talked about in this article? I’d really like to be a part of online community where I can get feedback from other experienced people that share the same interest.